From 577c46d56e6b2d89e746609d541bb5d596646d6f Mon Sep 17 00:00:00 2001
From: root
Date: Thu, 20 Mar 2014 20:25:42 +0100
Subject: [PATCH] Added ssh_port parameter to override default one
---
 manifests/init.pp | 1 +
 templates/concat/filter_input_header | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 40f5f52..bb9572d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -25,6 +25,7 @@
 $log_forward = params_lookup( 'log_forward' ),
 $log_level = params_lookup( 'log_level' ),
 $safe_ssh = params_lookup( 'safe_ssh' ),
+ $ssh_port = params_lookup( 'ssh_port', '22' ),
 $package = params_lookup( 'package' ),
 $version = params_lookup( 'version' ),
 $service = params_lookup( 'service' ),
diff --git a/templates/concat/filter_input_header b/templates/concat/filter_input_header
index 468f35c..be15c2b 100644
--- a/templates/concat/filter_input_header
+++ b/templates/concat/filter_input_header
@@ -2,7 +2,7 @@
 -A INPUT -j LOG --log-level <%= scope.lookupvar('iptables::log_level') %> --log-prefix "INPUT PACKETS: "
 <% end -%>
 <% if scope.lookupvar('iptables::real_safe_ssh') == true -%>
--A INPUT -p tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp --dport <%= scope.lookupvar('iptables::ssh_port') %> -j ACCEPT
 <% end -%>
 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -i lo -j ACCEPT
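Review bot: The `'22'` passed as the second argument on the added `$ssh_port` line is probably not acting as a default value. If `params_lookup` is the puppi function, as the neighbouring single-argument calls suggest, its second argument is a lookup-scope flag (`'global'`) and the fallback comes from `iptables::params`, which the diffstat shows this commit does not touch. In that case `$ssh_port` stays empty unless the user sets it, and the safe-SSH rule in `filter_input_header` is rendered without a port. I would define `$ssh_port = '22'` in `params.pp` and write this line as `$ssh_port = params_lookup( 'ssh_port' ),` like its neighbours. The class definition starts and ends outside the hunk.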
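Review bot: The new `--dport` line writes `iptables::ssh_port` into the ruleset with no check that the value is a single port number. An empty or malformed value gives a line that `iptables-restore` will presumably reject, and because this rule exists to keep SSH reachable, the likely result is a lost management connection rather than a cosmetic error. I would fail the catalog early in `init.pp`, for example `if "${ssh_port}" !~ /^\d{1,5}$/ { fail("iptables: ssh_port must be a port number, got '${ssh_port}'") }`, so the template only ever sees digits. The same check keeps whitespace or newlines in the parameter from adding extra rule text to the generated file.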